diff --git a/molecule/centos/Dockerfile.j2 b/molecule/centos/Dockerfile.j2 new file mode 100644 index 0000000..b3dcd21 --- /dev/null +++ b/molecule/centos/Dockerfile.j2 @@ -0,0 +1,32 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +{% if item.env is defined %} +{% for var, value in item.env.items() %} +{% if value %} +ENV {{ var }} {{ value }} +{% endif %} +{% endfor %} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi + +# Create `ansible` user with sudo permissions and membership in `DEPLOY_GROUP` +ENV ANSIBLE_USER=ansible SUDO_GROUP=wheel DEPLOY_GROUP=deployer +RUN set -xe \ + && groupadd -r ${ANSIBLE_USER} \ + && groupadd -r ${DEPLOY_GROUP} \ + && useradd -m -g ${ANSIBLE_USER} ${ANSIBLE_USER} \ + && usermod -aG ${SUDO_GROUP} ${ANSIBLE_USER} \ + && usermod -aG ${DEPLOY_GROUP} ${ANSIBLE_USER} \ + && sed -i "/^%${SUDO_GROUP}/s/ALL\$/NOPASSWD:ALL/g" /etc/sudoers diff --git a/molecule/centos/molecule.yml b/molecule/centos/molecule.yml index b5b0f7c..3cffb76 100644 --- a/molecule/centos/molecule.yml +++ b/molecule/centos/molecule.yml @@ -11,7 +11,6 @@ lint: platforms: - name: ansible-role-visual-studio-code-centos image: centos:7 - dockerfile: ../default/Dockerfile.j2 provisioner: name: ansible @@ -19,6 +18,10 @@ provisioner: converge: ../code-only/playbook.yml lint: name: ansible-lint + inventory: + host_vars: + instance: + ansible_user: ansible scenario: name: centos diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2 index 0de39e6..4d58239 100644 --- a/molecule/default/Dockerfile.j2 +++ b/molecule/default/Dockerfile.j2 @@ -20,3 +20,13 @@ RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y pyth elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi + +# Create `ansible` user with sudo permissions and membership in `DEPLOY_GROUP` +ENV ANSIBLE_USER=ansible SUDO_GROUP=sudo DEPLOY_GROUP=deployer +RUN set -xe \ + && groupadd -r ${ANSIBLE_USER} \ + && groupadd -r ${DEPLOY_GROUP} \ + && useradd -m -g ${ANSIBLE_USER} ${ANSIBLE_USER} \ + && usermod -aG ${SUDO_GROUP} ${ANSIBLE_USER} \ + && usermod -aG ${DEPLOY_GROUP} ${ANSIBLE_USER} \ + && sed -i "/^%${SUDO_GROUP}/s/ALL\$/NOPASSWD:ALL/g" /etc/sudoers diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 40ee94c..90121e3 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -16,6 +16,10 @@ provisioner: name: ansible lint: name: ansible-lint + inventory: + host_vars: + instance: + ansible_user: ansible scenario: name: default diff --git a/molecule/fedora/molecule.yml b/molecule/fedora/molecule.yml index 34bc3b2..1256828 100644 --- a/molecule/fedora/molecule.yml +++ b/molecule/fedora/molecule.yml @@ -11,7 +11,7 @@ lint: platforms: - name: ansible-role-visual-studio-code-fedora image: fedora:31 - dockerfile: ../default/Dockerfile.j2 + dockerfile: ../centos/Dockerfile.j2 provisioner: name: ansible @@ -19,6 +19,10 @@ provisioner: converge: ../code-only/playbook.yml lint: name: ansible-lint + inventory: + host_vars: + instance: + ansible_user: ansible scenario: name: fedora diff --git a/molecule/opensuse/Dockerfile.j2 b/molecule/opensuse/Dockerfile.j2 new file mode 100644 index 0000000..42b2c30 --- /dev/null +++ b/molecule/opensuse/Dockerfile.j2 @@ -0,0 +1,33 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +{% if item.env is defined %} +{% for var, value in item.env.items() %} +{% if value %} +ENV {{ var }} {{ value }} +{% endif %} +{% endfor %} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi + +# Create `ansible` user with sudo permissions and membership in `DEPLOY_GROUP` +ENV ANSIBLE_USER=ansible SUDO_GROUP=wheel DEPLOY_GROUP=deployer +RUN set -xe \ + && groupadd -r ${ANSIBLE_USER} \ + && groupadd -r ${SUDO_GROUP} \ + && groupadd -r ${DEPLOY_GROUP} \ + && useradd -m -g ${ANSIBLE_USER} ${ANSIBLE_USER} \ + && usermod -aG ${SUDO_GROUP} ${ANSIBLE_USER} \ + && usermod -aG ${DEPLOY_GROUP} ${ANSIBLE_USER} \ + && sed -i "/^%${SUDO_GROUP}/s/ALL\$/NOPASSWD:ALL/g" /etc/sudoers diff --git a/molecule/opensuse/molecule.yml b/molecule/opensuse/molecule.yml index 628248a..5f66244 100644 --- a/molecule/opensuse/molecule.yml +++ b/molecule/opensuse/molecule.yml @@ -11,7 +11,6 @@ lint: platforms: - name: ansible-role-visual-studio-code-opensuse image: opensuse/leap:15.1 - dockerfile: ../default/Dockerfile.j2 provisioner: name: ansible @@ -19,6 +18,10 @@ provisioner: converge: ../code-only/playbook.yml lint: name: ansible-lint + inventory: + host_vars: + instance: + ansible_user: ansible scenario: name: opensuse diff --git a/molecule/python3/Dockerfile.j2 b/molecule/python3/Dockerfile.j2 index c939a5b..4193180 100644 --- a/molecule/python3/Dockerfile.j2 +++ b/molecule/python3/Dockerfile.j2 @@ -20,3 +20,13 @@ RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y pyth elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi + +# Create `ansible` user with sudo permissions and membership in `DEPLOY_GROUP` +ENV ANSIBLE_USER=ansible SUDO_GROUP=sudo DEPLOY_GROUP=deployer +RUN set -xe \ + && groupadd -r ${ANSIBLE_USER} \ + && groupadd -r ${DEPLOY_GROUP} \ + && useradd -m -g ${ANSIBLE_USER} ${ANSIBLE_USER} \ + && usermod -aG ${SUDO_GROUP} ${ANSIBLE_USER} \ + && usermod -aG ${DEPLOY_GROUP} ${ANSIBLE_USER} \ + && sed -i "/^%${SUDO_GROUP}/s/ALL\$/NOPASSWD:ALL/g" /etc/sudoers diff --git a/molecule/python3/molecule.yml b/molecule/python3/molecule.yml index e7e38a2..d821934 100644 --- a/molecule/python3/molecule.yml +++ b/molecule/python3/molecule.yml @@ -21,6 +21,10 @@ provisioner: ansible_python_interpreter: /usr/bin/python3 lint: name: ansible-lint + inventory: + host_vars: + instance: + ansible_user: ansible scenario: name: python3 diff --git a/molecule/ubuntu-min/molecule.yml b/molecule/ubuntu-min/molecule.yml index d661616..9acedd2 100644 --- a/molecule/ubuntu-min/molecule.yml +++ b/molecule/ubuntu-min/molecule.yml @@ -19,6 +19,10 @@ provisioner: converge: ../default/playbook.yml lint: name: ansible-lint + inventory: + host_vars: + instance: + ansible_user: ansible scenario: name: ubuntu-min